Infoman1
join:2001-03-21
Hubbard, OH
| reply to spooler
Re: iggy's prior post explains some of this
With respect to the opt in or out, Zone Alarm periodically sends data back on a routine basis. (PA2.zonelabs.com) Looking at an Ethereal trace, part of the communication is encrypted. Could this be the license key? When I caught it I was personally uncomfortable with it, so some explanation is needed. |
|
spooler
@134.50.x.x
| Outbound traffic from Zone Alarm
Informan1 said:
"...Zone Alarm periodically sends data back on a routine basis....part of the communication is encrypted....Could this be the license key? ...I(i.e., Informan1) was personally uncomfortable with it, so some explanation is needed."
-------------------
Sorry that answer is way over my head. I personally do not believe it is sinister, but it appears to me that ZoneLabs needs to revise its disclosure of what information is sent and when.
It would also be nice if the company did not send information back out without giving users the choice to allow or disallow those communications. If you are using ZA Pro, you may be able to create an "expert rule" to block some of those outgoing messages, but maybe not....
We'll have to depend on Iggy and the other ZA team members here to get in touch with the company and let us know for sure. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
| Iggy hasn't heard back from ZoneLabs yet. I need to do some catching up on the post in this thread. But I've been up for about 25 and 1/2 hours now. Just back from a cancer research benefit. The 2 Red Bulls are wearing off.:) So I'll have to get to this tomorrow evening or Monday morning.
--
Test Your Security Benefit for Children's Cancer Cable Diagnostics My Blog |
|
SUMware
Premium
join:2002-05-21 | Thank you Iggy. We appreciate your efforts and understand that you have a life outside of here. LOL.  No problem! |
|
Charles770
join:2004-11-08
France | reply to IGGY
Thanks a lot Iggy.
We know that you do your best, when we need a help! |
|
spooler
@134.50.x.x
| reply to SUMware
second that thanks to Iggy.
Sumware and Charles said to Iggy:
Thank you Iggy. We appreciate your efforts and understand that you have a life outside of here. LOL. No problem!:)
Thanks a lot Iggy.
We know that you do your best, when we need a help!:)
----------------
Second that from here, too. Thanks for all your help, Iggy.:D |
|
Infoman1
join:2001-03-21
Hubbard, OH | reply to IGGY
Re: Outbound traffic from Zone Alarm
Thanks for your effort. Just want to know why exactly this application is phoning home. It happens on every machine Zone Alarm is installed on. I can provide the Ethereal dump if you like, although unlikely needed. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
4 edits | reply to IGGY
I've still not heard back from ZoneLabs in regards to this thread. I just dropped a quick post on blog in regards to that. I've not forgotten about the thread. I'm going to try and do a read of recent post tonight. This thread is also now listed on my ZoneLabs bookmark page. Which I think at least one person from the company checks out from time to time.
Although I understand why users would be concerned about privacy. I think this is a bit over the top.
"I am not concerned about ZL privacy policy but I am concerned about embedded code tracking whatever. (AKA spyware)."
Your not going to see a reputable company all of a sudden start dropping spyware into their product. Even if they gave it a thought. Most companies are smart enough to realize the down side of this. They know in the end there is no positive upside long term wise. Yes many companies who "fight" ( term used loosely ) spyware - have used some "interesting" tactics to get you to buy their product. But I just don't see ZoneLabs doing something that underhanded. They have always stated that the free ZoneAlarm would be adware and spyware free. I think sometimes we are to quick to assume the worst.
"Maybe ZA uses the servers of Cerberian Inc."
This is in relation to the web filtering option. Or what some would call parental controls. I wouldn't think that ZA Free would have anything in relation to this. Considering that isn't a feature offered in the free version of the product. I do see some users are claiming to have found a related file in free above. My only thought would that since all versions are now running on the same code base - being updated at the same time - instead of one at a time. The file may have something to do with that.
Just sent in another email. With quick details of the latest concerns expressed here.
--
Test Your Security
Cable Diagnostics
Iggyz Blog ZoneAlarm Help |
|
spooler0
Premium
join:2004-11-17
| Thank you for checking, Iggy.
While at it, would you confirm what the h2.zonelabs.com contacts are? It appears to me that h2.zonelabs.com may also be used as part of the virus updates checking feature, but the information on link I have for your post describing that doesn't mention it in connection with h2.zonelabs.com.
Either way, it would be good to know. |
|
atangel
Now What??
Premium
join:2002-02-18
Bronx, NY
| reply to IGGY
Thanks Iggy.
As a long-time user of ZAP (notice the $$ added with the letter 'P' Zone Labs), the silence irks me. Greatly. When security software starts violating privacy there's no security'cause now I don't know who or what to tryst.... I'm not saying ZA is a bad product programmatically, but it is worthless if there is no trust. Even if the code is perfect.
If it wasn't an issue, you'd think we would have heard back by now. But truth be told, my reputation is on the line every time I recommend ZAF or ZAP to a friend, and I can't do that now. Sygate it is to recommend first.. And if a response never comes, then it's then Sysgate Pro for me (once again, Zone Labs, now notice the $$ lost)!
Companies forget that the money belongs to us first, and we decide who to give it to.
--
The reason you think I'm way on the left is 'cause you're so far to the right.
Dell Dimension, XP Pro, 2.4 Ghz, 512MB, BEFSX41, ZAP 5, NOD32, BOClean, a2, Adaware, Spybot, MW Pro, The Bat! |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
| "When security software starts violating privacy there's no security'cause"
There is in fact no proof that a "privacy violation" has occurred. I'd bet money that my contact has taken the week off for the holidays. I'm also aware that my contact has a lot of things on their plate so to speak. So it doesn't worry me that I've seen no reply. I also never read anything into such a situation.
Your reputation in no way would suffer. Do to recommending this product.
If memory serves me right. Your current choice has hit a few bumps in the road from time to time.
The previous link way up above. Is a good example of ZoneLabs taking users concerns seriously. They clearly stated what contact is made - when and why. Now maybe that information needs update and some things clarified. But I'm not ready to call out the hanging party just yet.
--
Test Your Security Cable DiagnosticsIggyz Blog ZoneAlarm Help |
|
WFO
Premium
join:2001-08-27
San Ramon, CA
| reply to atangel
AtAngel, I don't know why you would recommend Sygate after this thread. »Sygate Firewalls
Was that resolved to everyone's satisfaction???
So far nothing has been proven one way or another regarding ZA. I'm still inclined to give the benefit of the doubt. In the meantime I've upgraded my own monitoring capabilities. Iggy I and many others hope you are right.:) |
|
shamrin
join:2001-01-08
Lexington, KY
clubs: 
 ·Insight Communicat..
| reply to IGGY
Iggy, I can appreciate you wanting to give ZA the benefit of the doubt (especially understandable looking at your avatar), but I think for a many of us the trust is already broken.
The reason we all use a software firewall in addition to NAT and/or our router firewall is (to a large extent) to ensure that desktop applications aren't allowed to phone home (or anywhere else) without our knowledge and permission. Bizarrely, or perhaps just ironically, what we find out in this thread is that the very program we use for this purpose phones home without asking permission and this apparently can't be turned off. Hmmm, well, should I really trust a company whose product violates its owned stated purpose and ethos? I don't think I have to wait around to find out if ZA is reporting back what sites I visit, or whether I have porn on my computer, or MP3s, or pirated software or even just how often I turn my machine on. No matter how benign the communication might be, the point is that this software circumvents the very reason I have installed it. Look at this thread, people are actually installing what amounts to another firewall to watch this firewall.
Anyway, truth be told, I've had some suspicions about this software for a while due to the temptations a private for-profit company might have with so much software embedded in such a critical location. I think if you are truly paranoid, and let's face it many of us in this forum are, unless ZA decides to go open source, it's hard to see how they can be the product of choice.
/sch
--
I have no opinion, therefore I do not exist |
|
atangel
Now What??
Premium
join:2002-02-18
Bronx, NY
1 edit | reply to IGGY
Iggy, just comes down to trust. You never know, always wonder. That's why I added the part "Even if its perfect." ZA is good, but IF something is going on, the silence is disquieting (leaves me thinking that it is "better to say nothing boys, than get caught in a lie" kind of corp thing). And I don't want to recommend something just to "un-recommend" it later. I'm sure everything is fine, but....
WFO, I'm not in there I had a product issue with Sygate years ago, but I don't remember what it was anymore....
I think shamrin's last par. above kind of covers it all.
--
The reason you think I'm way on the left is 'cause you're so far to the right.
Dell Dimension, XP Pro, 2.4 Ghz, 512MB, BEFSX41, ZAP 5, NOD32, BOClean, a2, Adaware, Spybot, MW Pro, The Bat! |
|
SUMware
Premium
join:2002-05-21
| reply to IGGY
"I'd bet money that my contact has taken the week off for the holidays. I'm also aware that my contact has a lot of things on their plate so to speak. So it doesn't worry me that I've seen no reply. I also never read anything into such a situation."
Iggy -
With all due respect and appreciation for your contributions, the concern of many people is not about you or your contact possibly being on vacation, it's that ZoneAlarm/Labs itself is not disputing any of the privacy issues raised here. It's as if they're hoping, by maintaining their silence, our privacy concerns will vanish, be forgotten, or perhaps remain hidden.
It is not possible to believe that the company's public communication regarding the integrity of their security software revolves exclusively around one person who may be on vacation.
"There is in fact no proof that a "privacy violation" has occurred."
The public is not obligated to rely on, nor trust, one or a few persons for ZA propaganda. Circumstantial events have raised legitimate suspicions. It is now ZA's responsibility to demonstrate that no "violation" is occurring. Serious issues have been raised and an immediate and honest reply is required. That is if ZA, in fact, takes this issue seriously. And if it doesn't, that also speaks loudly and clearly! |
|
Hillsboro
Premium
join:2004-11-28
| It is not possible to believe that the company's public communication regarding the integrity of their security software revolves exclusively around one person who may be on vacation.
"There is in fact no proof that a "privacy violation" has occurred."
The public is not obligated to rely on, nor trust, one or a few persons for ZA propaganda. Circumstantial events have raised legitimate suspicions. It is now ZA's responsibility to demonstrate that no "violation" is occurring. Serious issues have been raised and an immediate and honest reply is required. That is if ZA, in fact, takes this issue seriously. And if it doesn't, that also speaks loudly and clearly!
Amen! It is ludicrous to suggest that because of the holidays, or 'someones plate being full' ZA hasn't replied yet. PR wise, any company on the up and up would have been all over this long ago. They would have responded to these concerns within 2 or 3 working days at the most.
This whole matter of privacy and trust should be right at the top of ZA's to-do list, and it isn't. They are probably stonewalling in hopes that this will go away and is a clear demonstration of their corporate arrogance... A serious error in judgement on their part, IMHO. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | reply to IGGY
Again I'm just starting to see a witch hunt here. I mentioned what I did to calm the frustration. In return I've seen some very negative and personal comments towards my post. Honestly if your so sure there is something underhanded going on. Use the power of choice. As I said in another venue. I honestly feel once again we are seeing things being way blown out of proportion. Which seems to happen often in online forums. And do to some of the comments. I'll be taking my leave of the thread. I'm all for constructive analysis. And if there truly is an issue. I'm all for ZoneLabs being put to task. If in fact something not so kosher is going on. But I'm feeling things are now leaning more towards the less constructive side.
"Iggy, I can appreciate you wanting to give ZA the benefit of the doubt (especially understandable looking at your avatar"
I'll just say I think you need to take a look at many previous threads. Before trying to bring my character into question. I can think of one older thread were I definitely took the opposite side of the company. I'm not going to start throwing around accusations that don't have 100% facts to back them up. I'm not going to go accusing a company of doing something underhanded unless I feel I have good facts or basis to do so. At this time I see some reason to ask questions. But I see no reason to start making assumptions.
--
Test Your Security
Cable Diagnostics
Iggyz Blog ZoneAlarm Help |
|
atangel
Now What??
Premium
join:2002-02-18
Bronx, NY | I don't sense a witchhunt, as much as, say, the usual paranoid uber-concern.... And fer sure none of it directed at you! |
|
SUMware
Premium
join:2002-05-21
| reply to IGGY
Again Iggy please understand, "the concern of many people is not about you or your contact". You are highly respected here.
It's not a witch hunt, it's about legitimate concerns. We're urging, willing and EAGER for discussion with, or even a sentence from, ZA!
I'm a solid ZA user and promoter since I came online. Like others, I am hoping that this is much ado about nothing. But we do need to hear from the company. |
|
WFO
Premium
join:2001-08-27
San Ramon, CA
| reply to atangel
said by atangel  :I don't sense a witchhunt, as much as, say, the usual paranoid uber-concern.... And fer sure none of it directed at you! LOL..."Paranoid uber-concern." Or possibly rabid dogs that smell blood? j.k.;)Iggy you should know by now DSLR members are extra sensitive. Recent examples...The FF issue in Germany, The Sygate phone home driver, the KAV ADs panic and Ad-Aware's debacle release of SE with Multiple updates, bugs and versions in a short span. DSLR members expect perhaps unfairly, nothing short of excellence 100% of the time. That ZA may (likely not) have a Claria/WhenU type relationship unknown to users causes them to vent. Rather than hurl potentially false accusations against a product/company I like, I'll monitor my router traffic. There should be no call-outs to ZL as they are blocked as previously stated. Before others jump ship, I suggest they do their own research. Too, they could always disable the suspect file and see what happens. If the FW runs normally, problem (if there is one)gone. One memeber has already done so and experienced no problems. |
|
